Slashdot: News for Nerds





Google's New Design

panaceaa Re:So Sayeth the Grease Monkey (294 comments)

Completely hiding the Google bar is not the best idea: You can't log out, you can't navigate to Gmail or other application settings, and you can't see your notifications. But you can change the Google bar to have a white background and black text with just some simple CSS changes:

#gbx3, #gbx4 {
    background-color: white;
    border-bottom: 1px solid #DDD;
}

#gbz .gbzt, #gbz .gbgt, #gbg .gbgt {
    color: black !important;
}
I don't know how you put these on top of Google's CSS with Greasemonkey, but if you can find a way, it should look how you'd like.

about 3 years ago

Detailing the Security Risks In PDF Standard

panaceaa Re:Ban manuals distributed in pdf. (136 comments)

HTML manuals can do all the things accused of PDFs, and you won't even know about half of them! Your browser automatically sends your operating system and locale preferences on every request. The hosting site doesn't even need Javascript to access them. But if you did have Javascript enabled, your HTML documentation could also read and write to Flash and HTML5 offline storage databases, often without your consent or direct knowledge! The horrors!

more than 3 years ago

Detailing the Security Risks In PDF Standard

panaceaa Abomination (136 comments)

"Wolf said that the document format is also full of other surprises. For example, it is reportedly possible to write PDFs which display different content in different operating systems, browsers or PDF readers -- or even depending on a computer's language settings."

Amazing -- totally unbelievable!! This should be wholly forbidden. Who would want to read documentation that knew what system you were running, or what language you could read, and tailored the display to make it more relevant to you? Text files don't let you do these things! Adobe is clearly going too far.

more than 3 years ago

Judge Declares Federal Healthcare Plan (Partly) Unconstitutional

panaceaa Re:Could someone kindly explain (1505 comments)

The constitution and its amendments specify certain inalienable rights that cannot be violated by state and national laws. Strictly speaking, the Congress can pass any legislation it wants, and the president can sign or veto any of that legislation, regardless of constitutionality. It is the federal courts, and usually the Supreme Court, that then enforce the constitutionality of laws through the federal appeal process. If they find that certain pieces of legislation violate the rights granted to the people by the constitution, they can invalidate them and remove them from law.

In my humble opinion, this is the tug and pull that makes the United States still livable. Without it, the United States would still have segregation, abortion would be illegal, most schools would teach Christianity, people accused of crimes would have far fewer rights, and the press would likely be very tight-lipped. Though, on the other side, the 2nd Amendment has caused many very noble-intentioned gun control laws to become invalidated.

more than 3 years ago

Paying With the Wave of a Cellphone

panaceaa Re:and... (137 comments)

The security problem is easy: How about your phone just asks you whether you accept the charges, and you click "Yes". Of course there will always be fraud wherever there's money, but such a confirmation system seems much more secure than existing US-style credit cards.

And you should have more faith in humanity that FB updates won't automatically go out whenever you buy something. We've learned that's a bad idea. But maybe people can choose specific purchases to publicize... like if you buy concert tickets, that'd be fun to have friends know. But the mass market would never install something that broadcasts every purchase; they'd just stick to credit cards instead.

more than 3 years ago

Canadian Spammer Fined Over $1 Billion

panaceaa Good news for him (379 comments)

On the bright side of things for him, it's less than a gigadollar.

more than 3 years ago

Google and Verizon In Talks To Prioritize Traffic (Updated)

panaceaa Re:Get ready to Bend over America (410 comments)

Full disclosure, I work for Google. But I have no say in these kinds of things. Normally I wouldn't comment on such an article, but I do think it's enlightening to hear Google's side of the story. Therefore, here are CEO Eric Schmidt's recent comments on this topic:

"People get confused about Net neutrality," Schmidt said. "I want to make sure that everybody understands what we mean about it. What we mean is that if you have one data type, like video, you don't discriminate against one person's video in favor of another. It's OK to discriminate across different types...There is general agreement with Verizon and Google on this issue. The issues of wireless versus wireline get very messy...and that's really an FCC issue not a Google issue."


Basically, it's important for VOIP to have a certain quality of service for clear voice calls, but different QOS rules may make sense for other data types. For example, downloading raw data files can be bursty. Precaching future web pages or Javascripts doesn't have to always succeed. But, "you don't discriminate against one person's [data] in favor of another".

more than 3 years ago

How Do You Handle Your Keys?

panaceaa Re:Carry Them (763 comments)

I do the same thing with my penis. You can never be too careful.

more than 4 years ago

Google Docs Replaces OpenOffice In Ubuntu Netbook Edition

panaceaa Re:What is a netbook? (298 comments)

What does size have to do with whether something's a netbook? In my mind, a netbook is something geared towards using Internet applications (such as Gmail, Facebook, Amazon, Google Docs, etc), without all the processor, hard disk and operating system requirements for running local applications.

At least, that's what the "net" part of "netbook" leads me to believe.

more than 4 years ago

Jan. 11, 1902 — Popular Mechanics Is Born

panaceaa Re:108 years old (77 comments)

So if I were to write 2048d in your system, which I'll call "j", would it be 110j? How do you differentiate that from 6d?

The reason why decimal works pretty well is there's a clear differentiation between each digit's meaning.

more than 4 years ago

Gravatars Can Leak Users' Email Addresses

panaceaa Re:So let's change the algorithm. (170 comments)

By using this exploit, spammers get additional useful user data: They'll know each user's full name in most cases. They'll know that the user is interested in the site he's commenting on. They'll know what language he speaks. Basically, they can compose much more compelling emails with a higher probability of getting through and even being seen as relevant to the recipient.

more than 4 years ago

Gravatars Can Leak Users' Email Addresses

panaceaa Not the algorithm (170 comments)

This is not related to the MD5 algorithm or use of salts. The fact is that Gravatar wants sites to use Gravatar without sending loads of requests to Therefore Gravatar must provide a "client-side" API for generating Gravatar avatar URLs based on the known constant, email addresses. Sure, they could have salted things, but whatever they do, there's an essentially open source function somewhere that takes an email address and converts it to a Gravatar URL. As the algorithm is available to anyone, any attack can use it to check intelligent guesses against the known algorithm result.

There really isn't anything Gravatar can do without changing their design to decouple avatar URLs from email addresses. Basically whenever anyone registers an account with a blog, the site would have to ask Gravatar for the user's Gravatar avatar URL -- and probably poll on some regular basis in case users add Gravatar avatars later. The blog would then have to pertain this data in their databases for later look-up when comments are viewed. This is certainly possible, and could probably be designed in a way that doesn't add additional load to Gravatar's servers. But compared to the current implementation, which can be added to blogs with very minimal coding (probably just a couple lines in PHP), to do this more safely would require persistence-layer/database schema changes that would severely limit the attractiveness of Gravatar.

more than 4 years ago
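
Added example (not part of the original comment, and not Gravatar's code): the two designs the comment above contrasts, sketched in Python. The trim-and-lowercase normalisation, the function and class names, and the sample address are assumptions made for the illustration.

```python
import hashlib
import secrets


def derived_avatar_id(email: str, public_salt: str = "") -> str:
    """Avatar id as a public function of the email address.

    Assumption: the address is trimmed and lowercased before MD5 hashing.
    Any salt has to ship with the client-side code, so it is public too.
    """
    normalized = email.strip().lower()
    return hashlib.md5((public_salt + normalized).encode("utf-8")).hexdigest()


def guess_matches(published_id: str, guessed_email: str, public_salt: str = "") -> bool:
    """True when a guessed address reproduces a published avatar id."""
    return derived_avatar_id(guessed_email, public_salt) == published_id


class DecoupledAvatarStore:
    """Hypothetical site-side table for the decoupled design: account -> opaque token."""

    def __init__(self) -> None:
        self._token_by_account = {}

    def register(self, account_id: str) -> str:
        # The token comes from a CSPRNG and the email address never feeds into
        # it, so the site must persist it (the schema change the comment mentions).
        token = secrets.token_hex(16)
        self._token_by_account[account_id] = token
        return token

    def avatar_id(self, account_id: str) -> str:
        return self._token_by_account[account_id]


if __name__ == "__main__":
    email = "alice@example.com"  # constructed sample address
    for salt in ("", "site-wide-public-salt"):
        published = derived_avatar_id(email, salt)
        print("salt=%r, guess confirmed: %s" % (salt, guess_matches(published, email, salt)))
    store = DecoupledAvatarStore()
    token = store.register("account-1")
    print("opaque token, guess confirmed:", guess_matches(token, email))
```

With the derived id, a correct guess is confirmed whether or not a public salt is mixed in; with the stored opaque token there is nothing to recompute, at the cost of the extra persistence the comment describes.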

What Can I Expect As an IT Intern?

panaceaa Re:Have you looked elsewhere ? (325 comments)

+1 on $8/hour just being strange. I started out at a $10/hour internship doing computer graphics and Perl programming 12 years ago, then $15/hour doing coding for a GOVERNMENT CONTRACTOR two years later. Now that I work for a "major software company", we'd be caught dead paying interns less than $25/hour because we want them to be happy and come back! This economy is a huge stumbling block, though, so maybe you're lucky with what you get. But at $8/hour I think you're not actually getting an IT position, but a personal assistant position, and you'd probably do well to find other opportunities.

more than 4 years ago

Mark Cuban's Plan To Kill Google

panaceaa Re:wow, a whole million? (773 comments)

I read the article and he's exactly proposing paying off the top 1000 sites. Direct quote: "Would the top 1k most visited sites take a cool $1mm each?" Sure, then he pontificates... what if the top 100k sites also got a cut? But he doesn't suggest anything besides paying off sites, the largest getting nearly $1mm.

more than 4 years ago

FBI Nabs Chicago Transit Authority Radio Hacker

panaceaa Re:Why is public transport still living in stone a (177 comments)

Why does everyone talk about encrypting the signals? It's more important to know who is talking than attempting to restrict the list of people who can hear or transmit. Therefore it would make sense to me to sign the transmissions. If there's noise, the signing fails, but you can still use other forms of trust to verify the transmitter. Without significant noise, you have a greater degree of trust -- and with that, people without trust can be ignored.

more than 4 years ago

Is IE Usage Share Collapsing?

panaceaa Re:My statistics (575 comments)

That's bizarre. I have no interest in Safari personally, but I'd expect 3-5% Safari unless you have a specific demographic that does not appeal to Apple users. Does your web site tailor to developing countries, for example?

about 5 years ago

Is IE Usage Share Collapsing?

panaceaa Re:My statistics (575 comments)

Does your web site not work on Safari or are you reading your statistics wrong?

about 5 years ago

Madoff Sentenced To 150 Years

panaceaa Re:Oh great! (602 comments)

You sound like you don't think prison is a punishment. You do realize that inmates lose basically all their freedoms? They're confined to a small space where they cannot leave. They can only talk to the outside world at specific times dictated by them. In higher security prisons, they can't even go to the bathroom without being seen by guards. I would much rather be out in the world working for free.

about 5 years ago

Choruss Pitching Bait and Switch On P2P Music Tax

panaceaa Re:Protection money? (119 comments)

> Chorusss

It's actually just a double-S at the end. The double-S is totally cute. And a great reminder of how great life was under the Schutzstaffel's watchful eye.

more than 5 years ago



panaceaa panaceaa writes  |  more than 7 years ago

panaceaa writes "Google launched its latest Labs experiment this morning, Google Voice Local Search. By calling the service on a regular telephone, or mobile phone, you can search and connect to local businesses anywhere in the US over the phone for free. The service is fully automated and returns local business information from Google Maps. To access the service, call 1-800-GOOG-411 (1-800-466-4411) and search in English by business name or by category."


top submissions

panaceaa panaceaa writes  |  about 8 years ago I've been having a lot of fun helping people with their Java questions on It's a great forum both for giving and receiving general technology questions. I wish I could answer everyone's questions, but for now I can only answer most Java/MySQL/PHP questions :). Here are some of my recent posts:

Special Character issue in JSP
login script: user can't hit return for login
Java Media Framework(I am new to java)
Special Character issue in JSP
Sorting in Javascript.


My blog

panaceaa panaceaa writes  |  more than 8 years ago

Hi everyone... I just thought I'd let you know that I'm doing all my blogging / journaling at now. So if you want to know more about me, go there!


Juno Online / NetZero needs to do more about fraud

panaceaa panaceaa writes  |  about 9 years ago

In the last month and a half, Juno Online (who run NetZero) fraudulently charged me $39.90 for services I never ordered. That's fine: fraud happens. But I'm annoyed that when I called them, they sent me through three lines of support before telling me that they couldn't refund me my money. Apparently, their computer systems can't technically issue refunds themselves! So I had to call my credit card company and wait on hold even more to dispute the transaction and get everything straightened out.

I want Juno to have a better system for dealing with fraudulent charges. I shouldn't have to wait 30 minutes to clear up an issue that's not my fault. And now that I know what awful customer service they have, why would I ever want to be their customer??
